It’s been around for months at least, without attracting much attention, until UK publication The Guardianwrote a story about it last week.

The Guardian declared that “Error 53 fury mounts,” suggesting that Apple was threatening to “kill your iPhone 6.” (And that was just in the headline!)

The story seems to be that if you have an iPhone model with a fingerprint scanner built into the home button, and it breaks, or is replaced with an unauthorised aftermarket version, then updating to iOS 9…

…causes Error 53.

Apple, of course, is notorious for its official secrecy about ongoing security issues, and “does not disclose, discuss or confirm security issues until a full investigation has occurred and any necessary patches or releases are available.”

But in this case, Apple obviously considers the issue done-and-dusted, because it responded quickly to the Guardian, which published a second Error 53 story over the weekend, reporting Apple’s technical explanation:

[Apple takes] customer security very seriously and Error 53 is the result of security checks designed to protect our customers. iOS checks that the Touch ID sensor in your iPhone or iPad correctly matches your device’s other components.

If iOS finds a mismatch, the check fails and Touch ID, including for Apple Pay use, is disabled. This security measure is necessary to protect your device and prevent a fraudulent Touch ID sensor from being used. If a customer encounters Error 53, we encourage them to contact Apple Support.

Apple’s Touch ID is a form of HSM, or Hardware Security Module, a tamper-proof (or, more precisely, a seriously tamper-resistant) device that is used to store important data such as cryptographic keys or login passwords.

A mobile phone SIM card, for example, is a sort of HSM: it contains a unique identification key known as Ki, used to secure your communications, that can be written into the SIM but never read back out.

So too is a pre-paid electricity meter, which is protected against unauthorised changes to its configuration that might give you free power or let you draw too much current.

When security depends on secrecy, and secrecy depends on hardware, then how that hardware fails is at least as important as how it behave under ideal circumstances.

After all, there are no “ideal circumstances” in a world filled with cybercrooks.

WHAT’S THE TRUTH?

What isn’t clear in all of this is:

• Why Error 53 seems to happen only after an iOS update.

Some users who have experienced Error 53 report that their home button was repaired weeks or even months ago, so they’re understandably surprised that a problem of this sort wasn’t detected and reported sooner, if indeed dealing with the issue is as necessary as Apple claims.

Apple should probably consider an earlier warning, especially if the home button has been damaged but not replaced because it still seems to work correctly.

• How bad Error 53 is for your data or device.

The Guardian’s original report, for example, is neither sure nor clear about whether Error 53 effectively bricks your phone, so it can’t be made to work again; requires you to return it to Apple for repair that includes a full wipe; or simply stops the Touch ID from working, as Apple suggests, thus locking you out of Apple Pay and requiring a passcode every time you unlock the device.

Indeed, the Guardian comes out swinging by stating that Error 53 “permanently disables the handset,” while Apple carefully says that “Touch ID, including for Apple Pay use, is disabled.”

What’s the truth, we wonder?

If you have first-hand experience of Error 53, why not tell us in the comments what happened (and how you fixed it or worked around it, if indeed you did)?

Post navigation

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too.
Follow him on Twitter: @duckblog

13 comments on ““Error 53” – could an iPhone update turn your phone into a brick?”

I have what I suppose could be called a non-confirmation. I have a iPhone 5s, which is Touch ID capable but I’ve never used it. Some months back a had the home button replaced (I broke it doing a battery replacement.) The independent tech warned me that Touch ID wouldn’t work any more, but that didn’t bother me.

I faced the same issue with my iPhone6 three months ago, which was having a repaired home button. It started when I want to update iOS to 9.2. I tried with OTA update first but which was failing with an unknown error. So I connected to iTunes then the error 53 appears, then the iPhone goes to recovery mode, which never completes the iOS update process.

The theory seems to be that disrupting/displacing/bodging the home button connector in some way, e.g. while replacing a screen, might be considered tampering. I guess if it’s a way of getting some sort of electrical access to the “HSM” part, it’s fair to make that call…but I am guessing 🙂

From what i know. It seems the Touch ID sensor is hard coded to the logic board. The sensor is required in ios 9 because of the devices encryption. The “secure enclavè” as apple dubbed it, seems to need a code from the sensor and if it doesn’t present the correct code the phone can become unbootable. Even after a full restore. I personally have a iphone 5s and the sensor has worked fine since the day i took it out of the box. I am not one to break my devices either. So i don’t know if replacing the button works on my device. Or if it causes this error/bricks the phone. Some people claim to have used the buttons from a 5 on a 5s and it worked fine.. Not entirely sure. Could be something to do with apple pay?

I have a 64GB 6s Plus that’s been in a Tough Armor Spigen case with a really thick Spigen screen protector it’s entire life and have never had anything repaired or replaced on my phone. Recently I must’ve hit the approval button for the software update (i normally hit remind me tomorrow — I knew it was a matter of time before I hit the other option!) After the update to 9.2.1, my Touch ID stopped functioning. I next upgraded my iMac’s OS to El Capitan and I tried doing a complete and total “Restore” to factory settings from the latest edition of iTunes. Halfway through the process I got the dreaded error 53. I’ve had the phone since early Nov. 2015, so I’ll have to see if I can get it fixed on Apple’s nickel — I know I’ve done absolutely nothing to cause this type of complete fail, so I hope I’m not saddle with repair costs.

I work for a company that uses Apple phones. One of the employees has had an error 53 pop up. Although, his touch ID has not been repaired. All hardware within the phone is original. By the time I got it, I’ve attempted to do an iTunes update(per Apple Supports recommendation). They wanted me to try on multiple machines, due to first attempting to do it on a Company network they were considering our Firewalls etc blocking it. After attempting to do the update on 4 different machines on 3 different networks. I’m still stuck with a phone that will not update and is stuck at the “Connect to iTunes” screen.